I'm a bit lost and need some guidance. I've just inherited this web application written in spring/hibernate and I'm trying to get myself familiar with this technology.
One of the first things I need to do is to keep the user logged in for like 2 weeks or till he explicitly logs out. The application runs on Tomcat - and I think by default - if there is no activity - the user is being logged out in 20 mins.
I know to keep the user logged in for 2 weeks or so - we have to use cookies and set the max age or something. Are there any articles that talk about how this is done.
In this application, I dont even see any LoginController. All the pages that require login are marked in web.xml - When any of those pages are requested - the login.jsp page shows up and if I look in the form action - it says j_security_check.
So I'm not even sure, which controller I should be using to set cookies and stuff. If anyone can guide me a little, I will really appreciate it.
What you are seeing in the login page is just the simplest way to handle security in Spring MVS and Spring. So the Controller is a built in class in Spring MVC that is handling it, not any Controller class in your application.
0
